Error viewing Exchange Server certificates in EAC

Hello.

In our environment, I'm getting an error when opening Servers > Certificates using the Exchange Admin Center.

Error

Cannot connect to the remote procedure call service on the server named SERVERNAME. Verify that a valid computer name was used and the Microsoft Exchange Service Host service is started.

The error does NOT occur when using the FQDN/hostname to connect to EAC, and then selecting the very first Exchange server that was installed. Choosing any other server from the combobox produces this error.

The error also does NOT occur when I log on to the Exchange server locally, using localhost/ecp to connect to EAC, and then selecting the local server.

When using localhost, selecting the first Exchange server strangely gives the same error message, where using the FQDN/hostname to access EAC did show its certificates.

I am completely lost as to how EAC retrieves the certificate information, and why using a different hostname to access EAC would affect this behaviour.

More info:

- Running Exchange Server 2013 CU3

- the MS Exchange Service Host service is running, not really helpful

- Our Exchange servers (say 7 servers) are all located in different AD domains within the forest, but I'm not sure if that's really relevant here. They are all members of different child domains (resource domains) of the forest root domain that also contains my administrative user account.

- All of EAC is actually working fine, apart from the Certificates section.

- the EAC/ECP page is in my Intranet security zone, tried it with the security slider as low as possible

- Tried with IE10 and Firefox, same behaviour

- ruled out traffic being blocked by the Windows Firewall. There is no f/w between the client and the Exchange Servers, or between Exchange Servers.

- my user account is not mail-enabled
- my account is a member of the Organization Management group
- my account is a member of the Administrators group on each Exchange server.

- I can view the machine certificate store just fine when logged on locally, and the server certainly has certificates that are bound to Exchange services. E.g. I'm viewing the EAC page via SSL using a corporate trusted certificate.

Also remember, when I log on locally and use https://localhost/ecp, I can view the Server > Certificates from the same host. The certs are there.

I can consistently view the certificates on the first installed Exchange Server, as long as I use the FQDN to connect to EAC. What kind of special roles or services does the first installed Exchange server have that makes it so special? Does this operation require some specific mailbox hosted there?

Any kind of explanation or fix to resolve this error message would be appreciated.

Thanks,

Patrick

March 16th, 2015 10:16am

Hi,

Please restart the Microsoft Exchange Service Host service on all CAS servers to check this issue.

If it doesn't help, please collect some events from application logs for us to troubleshoot this issue.

And also please run this command to check this issue:

Get-ExchangeCertificate -Server ServerName

Best Regards.

March 17th, 2015 2:45am
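
The checks suggested in the reply above, run against every server at once, as an added example that is not part of either post. It assumes it is run from the Exchange Management Shell with an account that can query the servers, and it issues the certificate query twice per server (short name and FQDN) because the question reports that the result depends on which name is used.

```powershell
# Added example (not from the thread): per-server check of the Service Host
# service and of Get-ExchangeCertificate, queried by short name and by FQDN.
$results = foreach ($server in Get-ExchangeServer) {

    # State of the Microsoft Exchange Service Host service named in the error text.
    $svcStatus = try {
        (Get-Service -ComputerName $server.Fqdn -Name MSExchangeServiceHost -ErrorAction Stop).Status
    } catch {
        "QueryFailed: $($_.Exception.Message)"
    }

    # Same certificate query, two identities for the same server.
    foreach ($identity in @($server.Name, $server.Fqdn)) {
        try {
            $certs = @(Get-ExchangeCertificate -Server $identity -ErrorAction Stop)
            [pscustomobject]@{
                Server      = $server.Name
                QueriedAs   = $identity
                ServiceHost = $svcStatus
                Result      = 'OK'
                CertCount   = $certs.Count
                # Earliest expiry among the returned certificates, if any.
                NextExpiry  = ($certs | Sort-Object NotAfter | Select-Object -First 1).NotAfter
                Error       = $null
            }
        } catch {
            [pscustomobject]@{
                Server      = $server.Name
                QueriedAs   = $identity
                ServiceHost = $svcStatus
                Result      = 'Failed'
                CertCount   = 0
                NextExpiry  = $null
                Error       = $_.Exception.Message
            }
        }
    }
}

# One row per server and identity; failed rows carry the error text to compare
# against the message shown in EAC.
$results | Format-Table Server, QueriedAs, ServiceHost, Result, CertCount, NextExpiry -AutoSize
$results | Where-Object Result -eq 'Failed' | Format-List Server, QueriedAs, Error
```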
